I started trying to understand the OPNsense / pfSense split a while ago, and thought I would make a post of what I know so far.
This is still incomplete, but I thought I would post what I have so far
Cast of Characters
- Manuel Kasper – Original m0n0wall developer
- Netgate/ESF/RCL – Corporate owner of pfSense. As far as I can tell Netgate, Rubicon Communications LLC (RCL), and Electric Sheep Fencing LP (ESF) appear to behave as one company.
- Deciso B.V. – Corporate owner/founder of OPNsense, also runs the m0n0wall site archive.
FreeBSD → m0n0wall → pfSense → OPNsense
m0n0wall was a FreeBSD distro (for lack of a better word) for embedded systems, using PHP to replace large parts of the boot configuration and providing a web UI.
pfSense was forked from m0n0wall, and in 2013 was sold to Electric Sheep Fencing
OPNwall was forked in 2015 from pfSense by Deciso
pfSense: Apache ← ESF 6 clause ← originally BSD
Before the switch to the Apache Licence, the pfSense project required contributors to sign a Contributor Licence Agreement; I am not sure if this was for all code contributions, or just the “tools” repository used to build pfSense images. I haven’t found any contributor agreement for OPNsense yet.
Speedy deletion wiki says that ESF license was used in 2013, so probably right when they acquired pfSense?
Part of reason for the fork seems to have been about the “pfSense” trademark.
Netgate claims that Deciso tried to register the “pfSense” trademark in Europe to steal it from them, but I’m not knowlegeable enough about international trademark law to know whether this is what they were trying to do or not. I might try to read up about this more later.
For context, Yawarra, another appliance seller, rebranded their pfSense builds as Rident in 2014 when the needed to make some modifications and the resulting builds were not allowed to be called “pfSense”. They went back to vanilla pfSense at some point later:
Note: We are no longer creating new versions of Rident™ because pfSense® now works on our servers “out of the box”.
Whatever happened, I was curious how Deciso plans to treat the “OPNsense” trademark in comparison to ESF/Netgate/RCL with “pfSense” so I asked on the OPNsense forum:
I found the reply I got reassuring, but words are not always indicative of future action, so take it with a grain of salt. If you want to compare the listed policies yourself:
Also both Netgate/pfSense and Deciso/OPNsense offer a partner program, but I haven’t looked into these much yet:
Of course some pfSense/Netgate people are suspicous of this, but Kasper’s website (and its domain is still registered to him personally) points to the OPNsense-maintained m0n0wall site without comment.
I will say that I personally find the banner recommending OPNsense on the m0n0wall site more than a bit tacky.
RCL/Netgate registered the domain opnsense.com and used it to slander/parody (depends on who you ask) OPNsense, who uses the opnsense.org domain. Notably, there was no disclaimer that the site was a parody, and the footer contained a deceptive copyright notice, reading: “© 2016 OPNsense”
Deciso, arguing that the site and RCL/Netgate’s use of the domain was misleading and intended only to damage their trademark (OPNSENSE), brought a case to WIPO arbitration and won the right to the domain name:
At this point I’m cynical enough to not really trust anything I read, although this blog post does a nice UI comparison with screen shots and seems legitimate enough.